In message <m1DBHEL-0024fjC@building.weird.com>, "Greg A. Woods" writes:
>[ On Sunday, March 13, 2005 at 13:30:18 (+0100), Florian Stoehr wrote: ]
>> Subject: Re: New Documentation: Encrypted CDs/DVDs
>>
>> Configuring the cgd with a random-key (as Alan suggested) and dding
>> /dev/zero to this is the best solution *IF* you want to fill up the image
>> and you always want to write a full image, I agree.
>
>I'm certainly not a crypto expert, but won't there be some (enough)
>sectors that were sure to have been untouched otherwise and thus which
>an attacker can assume to have been filled with encrypted zeros and, if
>so, will this make it any easier to attack the CGD key?
I don't think that's a real issue. AES (or any reasonable
cryptosystem) is very secure against that attack (known in the crypto
game as a "known plaintext" attack).
--Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb